
A Flask extension to limit access to your routes by using allowed hostnames and IP addresses.

Project description

Flask Allowed Hosts

This extension restricts access to your Flask application based on the incoming request's hostname, IP address, or IP address range (network).

Features

  • Per-route configuration options.
  • Customize denied access behavior.
  • Two usage options: class-based or decorator-based.
  • Restrict access by hostname, IP address or IP address range (network).

Installation

Install the package using pip:

pip install flask-allowed-hosts

Usage

Class-Based Usage

  1. Initialize the AllowedHosts class.
  2. Define allowed hosts (optional).
  3. Define a function for denied access behavior (optional).
  4. Apply access control to routes using the @allowed_hosts.limit() decorator (optional).

Example:

from flask import Flask, jsonify, abort
from flask_allowed_hosts import AllowedHosts

app = Flask(__name__)

ALLOWED_HOSTS = ["93.184.215.14", "api.example.com"]


def custom_on_denied():
    error = {"error": "Oops! Looks like you are not allowed to access this page!"}
    return jsonify(error), 403


allowed_hosts = AllowedHosts(app, allowed_hosts=ALLOWED_HOSTS, on_denied=custom_on_denied)


# Allows all incoming requests
@app.route("/api/public", methods=["GET"])
def public_endpoint():
    data = {"message": "This is public!"}
    return jsonify(data), 200


# Only allows incoming requests from "93.184.215.14" and "api.example.com"
@app.route("/api/private", methods=["GET"])
@allowed_hosts.limit()
def private_endpoint():
    data = {"message": "This is private!"}
    return jsonify(data), 200


# We can override the allowed_hosts list and the on_denied function for each route
@app.route("/api/private/secret", methods=["GET"])
@allowed_hosts.limit(allowed_hosts=["127.0.0.1"], on_denied=lambda: abort(404))
def secret_private_endpoint():
    data = {"message": "This is very private!"}
    return jsonify(data), 200


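if __name__ == '__main__':
    # Development server only: debug=True enables the Werkzeug interactive debugger,
    # which should not be reachable from untrusted networks when binding to 0.0.0.0.
    app.run(host='0.0.0.0', port=5000, debug=True)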

Decorator-Based Usage (Legacy)

Warning: This approach might cause unexpected behavior when combined with the class-based usage.

  1. Define allowed hosts (optional).
  2. Define a function for denied access behavior (optional).
  3. Apply access control to routes using the @limit_hosts decorator.

Example:

from flask import Flask, jsonify
from flask_allowed_hosts import limit_hosts

app = Flask(__name__)

ALLOWED_HOSTS = ["93.184.215.14", "api.example.com"]


def custom_on_denied():
    error = {"error": "Custom Denied Response"}
    return jsonify(error), 403


# Allows all incoming requests
@app.route("/api/public", methods=["GET"])
def public_endpoint():
    data = {"message": "This is public!"}
    return jsonify(data), 200


# Only allows incoming requests from "93.184.215.14" and "api.example.com"
@app.route("/api/private", methods=["GET"])
@limit_hosts(allowed_hosts=ALLOWED_HOSTS, on_denied=custom_on_denied)
def private_endpoint():
    return jsonify({"message": "This is private!"}), 200

More Examples

You can find more examples in the examples directory.

Configuration

Initialization Parameters

  • app: The Flask application instance (optional).
  • allowed_hosts: List of allowed hosts (optional, defaults to None, which allows all hosts).
  • on_denied: Function for denied access behavior (optional).

Flask Config and Environment Variables

Flask Configuration

The extension respects these configurations:

  • ALLOWED_HOSTS: List of allowed hosts in Flask config.
  • ALLOWED_HOSTS_ON_DENIED: Function for denied access behavior in Flask config.

Precedence: Values provided during initialization override Flask config values.
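
The precedence rule and the three kinds of allowlist entry described above, modelled in plain Python as an added example; this is not the extension's own code. The CIDR notation for networks, the resolver-based hostname matching, the SAMPLE_DNS table and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed name-to-address table standing in for DNS so the example runs offline.
SAMPLE_DNS = {"api.example.com": ["93.184.215.14"]}


def effective_allowed_hosts(route=None, init=None, flask_config=None):
    """Return the first list that is set: per-route, then init, then Flask config."""
    for candidate in (route, init, flask_config):
        if candidate is not None:
            return candidate
    return None  # nothing configured: all hosts are allowed


def entry_matches(entry, client_ip, resolve):
    """True if one entry (IP address, CIDR network or hostname) covers client_ip."""
    try:
        # strict=False accepts "10.0.0.5/24"; a bare address becomes a /32 or /128.
        return client_ip in ipaddress.ip_network(entry, strict=False)
    except ValueError:
        pass  # not an address or network, so treat the entry as a hostname
    for resolved in resolve(entry.lower()):
        if ipaddress.ip_address(resolved) == client_ip:
            return True
    return False


def is_allowed(remote_addr, allowed_hosts,
               resolve=lambda name: SAMPLE_DNS.get(name, [])):
    """Decide whether remote_addr passes the allowlist (None means allow all)."""
    if allowed_hosts is None:
        return True
    try:
        client_ip = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False  # unparseable client address: fail closed
    # Compare IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it carries.
    mapped = getattr(client_ip, "ipv4_mapped", None)
    if mapped is not None:
        client_ip = mapped
    return any(entry_matches(e, client_ip, resolve) for e in allowed_hosts)
```

The decision is only as trustworthy as the address passed in as remote_addr: behind a reverse proxy, Flask's request.remote_addr is the proxy's address unless the application is configured to trust forwarded headers.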

Environment Variables

You can enable debug mode by setting the ALLOWED_HOSTS_DEBUG environment variable to True:

export ALLOWED_HOSTS_DEBUG="True"

This will print helpful debug messages to the console.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Support

If you have any questions or feedback, please feel free to open an issue or a pull request.

License

This project is licensed under the MIT License - see the LICENSE.md file for details.


Download files


Source Distribution

flask_allowed_hosts-1.2.0.tar.gz (6.6 kB)

Uploaded Source

Built Distribution

flask_allowed_hosts-1.2.0-py3-none-any.whl (7.8 kB)

Uploaded Python 3

File details

Details for the file flask_allowed_hosts-1.2.0.tar.gz.

File metadata

  • Download URL: flask_allowed_hosts-1.2.0.tar.gz
  • Upload date:
  • Size: 6.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.12.2

File hashes

Hashes for flask_allowed_hosts-1.2.0.tar.gz
Algorithm Hash digest
SHA256 2cbd159b7dd1d01628f082b28c0ce9bceee5b3811f70fc77731dce53a3ac13ab
MD5 f063dd8eea00cc85284044f6825032e5
BLAKE2b-256 d8d42a785e5e44db51c0127530e7330d6a3d5c9ec0569daae56933acd6ecfeac


File details

Details for the file flask_allowed_hosts-1.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for flask_allowed_hosts-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0d391121b9d4da46570a86cd70d9ae38fd74e356ce61d0faf07d807d1b61e82c
MD5 133267fd32648503d9f767cb52377aaa
BLAKE2b-256 0561a63d77e88bf255350395614b11c04158ad224f5e1a579153ee0089c94e8e

